package com.controller;

import com.pojo.User;
import org.springframework.security.access.annotation.Secured;

import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.ArrayList;
import java.util.List;

@RestController
@RequestMapping("/test")
public class SecurityController {

    @GetMapping(value = {"/home"})
    @PreAuthorize("hasAnyAuthority('admin')")
    public String home(){
        return "home";
    }

    @GetMapping(value = "/index")
    @Secured({"admin"})
    public String index(){
        return "index";
    }

    @GetMapping(value = {"/hom"})
    @PostAuthorize("hasAnyRole('admin')")
    public String hom(){
        System.out.println("123456456");
        return "hom";
    }

    @GetMapping(value = "/hello")
    public String hello(){
        return "hello";
    }


 
    @GetMapping(value = "/login")
    public String login(){
        return "login";
    }

    @GetMapping("/getAll")
    @PostFilter("filterObject.username=='三'")
    public List<User> getUserList(){
        List<User> list = new ArrayList<User>();
        list.add(new User(1L,"四","123"));
        list.add(new User(2L,"三","123"));
        return list;
    }
}